[jy2947]

Don't know what is going on at Zoom, but I suspected at least part of it sneaky. For example, about 3 or 4 weeks ago I heard about this company, and learned that it has R&D in China per its SEC filing at IPO. However, checked its website, the career section led me to https://jobs.lever.co/zoom, and there was ONLY one opening at China per the website (I remember it was a position at marketing department). Then I searched the company in Chinese media, and saw that they were hiring all types of engineers. That made me feel uncomfortable in buying its stock. Interestingly, now you look at the same career website, and China is removed from the list of city dropdown - maybe they are cutting off or "decoupling" the Chinese R&D?

[anoraca]

Unlikely IMO.

"Zoom, a Silicon Valley-based company, appears to own three companies in China through which at least 700 employees are paid to develop Zoom’s software. This arrangement is ostensibly an effort at labor arbitrage: Zoom can avoid paying US wages while selling to US customers, thus increasing their profit margin. However, this arrangement may make Zoom responsive to pressure from Chinese authorities."

https://citizenlab.ca/2020/04/move-fast-roll-your-own-crypto...

[nilkn]

So Zoom is essentially a Chinese company with a formal outer shell in the US and 81% of its revenue coming from North America?

[nafey]

Isn't the holding company based in US? Aren't the majority of stockholders in US? Apple manufactures a lot of stuff in China so it a chinese company?

[Zenbit_UX]

This explains how their web installer which is essentially glorified malware was made and not reported on some bay area dev's blog or leaked to the press immediately. I was always surprised that a US software team could make something like that in a consumer project in a prominent company and it not be talked about for so long.

[guug]

Are you referring to the same "glorified malware" tricks that are used in Cisco's WebEx installer?

https://news.ycombinator.com/item?id=22815583

[foobiekr]

Correct.

[Florin_Andrei]

That's an excellent business model.

[sct202]

It's basically what a lot of consumer goods companies are now. All the products are made and mostly designed in China, and then the US HQ does all the sales, marketing, and funneling product requirements back to China.

[inetknght]

> and funneling product requirements

I don't think the funneling stops at product requirements.

[tree3]

Not if your business relies on trust.

[lrem]

Only matters when you get big enough to attract meddling kids to look under the hood.

[Florin_Andrei]

I guess it depends on how long-term your goals really are.

[fock]

so basically merging SV surveillance capitalists with PLA style APT developers. What could possibly go wrong!

[rayvd]

I mean, this is incredibly common. Is there a large software company that doesn't do this? Labor competition is a real thing.

[yibg]

Why is having engineers in China cause for suspicion? Lots of tech companies have engineers in China. Eg Microsoft.

[TechBro8615]

Because the CCP has no qualms about threatening an employee’s family to insert a backdoor or exfiltrate information, for one.

The decoupling has begun. Sentiment in the US toward China has never been as negative as it is now, from both sides of the aisle. I wouldn’t be surprised if we even see sanctions against China after the dust settles on this COVID fiasco.

[theshadowknows]

Let’s get real here. The United States government is most certainly capable of doing everything we accuse China of doing and worse.

[jjeaff]

The US is no white knight. But it is not doing anything close to what the CCP does on a regular basis. When was the last time a Trump protestor or Obama protestor disappeared and was never heard from again? Or disappeared and show up again months later, 30 lbs lighter and apologetic about how wrong they were about the government?

[grugagag]

In this sense yes, absolutely. China is known for doing grotesque humanitarian violations.

In another sense such as starting a war to deflect from problems at home, theres one champ and that is our democratic country.

Either one doesn’t mean the other is doing something legitimate and is waranted shielding from criticism

[justaguyonline]

"Starting a war to deflect from problems at home", what the heck would you call the invasion of Tibet then?

And while not literally a war, what purpose do you think the bellicose suppression of the fact of Taiwanese independence both domestically and abroad serves?

Some people seem so obsessed with the country they live in, they can't see the rest of the world properly. An over focus on domestic politics distorts everything with parochialism.

[garmaine]

The US does not start wars to distract from problems at home. That’s conspiracy horse manure. Whether you want to believe it or not, every president that has ever started a conflict or US involvement in an existing conflict has felt the action justified on foreign policy reasons.

Those reasons might be something you object with, or even downright stupid in hindsight. But only in Hollywood is it ever a smoke screen for domestic issues.

[bananabreakfast]

Let's get even more real. This is whataboutism and it is a false argument.

The United States government can and is often held accountable for its actions. This concept does not exist in China.

[president]

You would have to start by decoupling investments in China and Wall Street and many politicians will not allow that to happen.

[qppo]

Enforcing US IP protections isn't a partisan issue. I think it's crazy that people are trusting zoom for their critical communications (like design review meetings and screen sharing schematics/process diagrams!) when there's a non-zero chance that the CCP/PLA has the infrastructure to:

    cat '$COMPANY/zoom-chat.log' | grep '$TRADE_SECRET' | local_industry_boost.bash 

inb4 the whataboutism: yes, the US Government has (and might continue to) participated in state sponsored industrial espionage. But if I'm an American company, I'm not going to care about that.

I've worked for at least one company that outright refused to do business in China or with certain companies that had oversized presence in mainland China because of experiences with this kind of problem. I know of some engineers that were arrested upon entry to the USA because they stole company IP and founded a company in China that used it. I know of another company that had network hardware compromised by an employee over there and was used to attempt to penetrate US networks (and if you wanna get spooked, they weren't alerted by their stateside infosec team, but federal authorities). I don't know why people treat me like a conspiracy theorist for bringing this up about Zoom routing data through China and using less-than-best-practice security.

[jjeaff]

Please share your grep binary that allows me to search countless hours of boring video for actionable content.

[gvjddbnvdrbv]

Run the audio through Google's voice API or similar. Then use grep.

[garmaine]

You mean Baidu’s.

[SubiculumCode]

Zoom as audio transcripting tech included. So.... yeah Grep.

[jy2947]

But if Microsoft has teams in China, Russia work on MS Teams, I will be very concerned. The same goes with Slack, that many companies now rely on to keep business going.

[izacus]

I'm very sure that Microsoft (and plenty of other companies including Apple) has teams in China, Russia and other countries to develop and update proper localizations for those apps.

[dvtrn]

Are you certain they don’t?

[x0x0]

If you have eng in US, having a decent chunk of it in China is much less threatening. For example, your internal controls can specify code review by american employees. Your key servers can remain in America or EU with stronger privacy protection regimes (not necessarily strong; just stronger than China).

This isn't perfect, but it makes subversion (1) more difficult, (2) probably more targeted (see eg Saudi Arabia using Saudi nationals employed by Twitter to steal identities of critics on Twitter), (3) more likely to be discovered.

My company's security model doesn't include the Chinese government / national security / military, but it could include the Chinese government giving our sales leads (which are evident if you can see our Zoom calls) to a domestic competitor. Broad exfiltration of data like that is much much harder if the engineering core is in the US or EU.

[jy2947]

What alerted me at that time was the discrepancy between their HR site at U.S of the Chinese opening (only one), and their job postings in Chinese job sites.

[hedora]

I doubt it is a complicated conspiracy. Someone probably pushed the wrong button on the HR site.

I’d guess the one opening you saw was coming out of a US manager’s budget, and the manager wanted some physical presence in China to help work with teams that are based there.

It’s not surprising that they wouldn’t target China-based positions in fluent Chinese language offices at their US based English language site.

Also, I’ve been using Zoom at work for years. They’re more popular with younger firms (“anything but Cisco”, maybe?).

[president]

I think OP was alluding to Zoom not showcasing the reqs on the US careers site. Most companies including Microsoft do display open positions in all countries including China on their US page.

[cosmodisk]

I very much doubt Microsoft does any serious development of their core products in China. Localisation,some local support and other,less sensitive stuff.

[jkaptur]

The folks I talked to who worked at Microsoft Research Asia said that they worked on Bing, Office, etc.

[sneak]

Anti-China sentiment is being stoked heavily in the US right now. Anything China-related is widely seen as evil and/or untrustworthy. Usually these opinions are expressed on China-sourced hardware.

[eythian]

It could be they advertise jobs in different regions on different systems, to get the closest reach to the potential hirees.

[jy2947]

The R&D centers in China (I think there are 3 of them) are their competitive advantage - this can help them manage cost to be profitable from early on. I also think the engineering teams there can share with their peers of the other local Chinese tech firms. For example, China was literately put in lock down in February, and all of the business and schools went on-line in couple of days - that was a enormous achievement for anyone who participated the scaling infrastructure at the big tech companies in China, and I would not be surprised that the Zoom engineers in Chinese R&D learned couple of lessons from them. Zoom even has a feature that you can choose to "soften" your appearance to look "better" in the video conference, which has been feature of camera/image software popular in Asian market. So I suspect their product team may also have some connections there.

However, Zoom's biggest advantage is also its biggest risk, if they want to be part of the communication infrastructure of any business/government/university/etc in western countries, especially after so many security incidents that happened in the past years.

[m_a_g]

Zoom is fully aware that associating themselves with China considering the latest developments would be catastrophic for them, whether its job listings or some of its servers being in China.

[zkid18]

What’s wrong with having R&D in China? The talent market is attractive and assuming Zoom founder is Chinese it seems more reasonable in some point compare to opening another office in US. Lots of big tech companies has strong R&D presence in China like MSFT, GOOGL.

Btw, I might be wrong but CCP banned Zoom about half a year ago.

[nogabebop23]

Is it the same company? We have "employees" around the world, but that ranges from employed by the mother ship, employed by one of the various subsidiaries (all with very similar sounding names) or not officially employed but via a local agent (for both liability, regulatory and in certain regimes, mandated).